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405EP Preliminary Application Note 
Using the PowerPC 405EP in a WLAN Access Point Application 


A wireless local area network (WLAN) provides a powerful and mobile way to access a wired network. A WLAN 
saves the cost of laying the cable to enable rapid, high-performance, cost-effective deployment of broadband wire- 
less access for small office/home office (SOHO) and enterprise environments alike. The popularity of WLAN 
connectivity has created a demand for lower power, lower cost, fewer parts, and greater function integration. The 


AMCC PowerPC® 405EP embedded processor has high performance, low power, and a high level of integration 
that is ideally suited for this application. This application note explores WLAN system architecture and describes 
using the PowerPC 405EP in the design of a wireless access point device. 


WLAN ARCHITECTURE 


The IEEE® 802.11 WLAN standard, commonly known as wireless Ethernet, is part of the IEEE 802® family of local 
and metropolitan area networking standards, of which 802.3 (Ethernet) is a well-known and widely deployed exam- 
ple. These standards deal with the physical and data link layers in the ISO open system interconnect (OSI) basic 
reference model. IEEE 802 specifies the data link layer in two sub-layers: logical link control (LLC) and medium 
access control (MAC). The IEEE 802 LAN MACs share a common LLC layer (IEEE 802.2) and link layer address 
space using 48-bit addresses. 


Bridging between IEEE 802.11 WLANs and IEEE 802 wired LANs is relatively simple, as is constructing extended 
interconnected wired and wireless LANs. When this is accomplished, all typical LAN services, such as file sharing, 
e-mail transfer, and Internet browsing, are made available to wireless mobile stations. Figure 1 shows a typical 
WLAN infrastructure in a SOHO environment. It consists of a wireless network interface card (NIC) and a wireless 
local bridge or access point. 


Figure 1. A Representative SOHO WLAN Architecture 
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The wireless NIC connects the mobile device with the wireless network, and the access point connects the wireless 
network with a wired network. In this case, the access point is fixed and connected to a broadband backbone via a 
cable or DSL modem. 


Figure 2 depicts a WLAN arrangement in an enterprise environment. Here the access point acts as a relay station 
between the WLAN and the wired LAN. Most wireless NICs, implemented as PC cards in notebook computers, 
operate over unlicensed frequencies, and connect mobile devices to the wireless network by implementing a car- 
rier sense access protocol and modulating the data signal with a spreading sequence. This enables an access 
point with a single radio channel to be shared among many mobile users in a common space. 
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Figure 2. A Representative Enterprise WLAN Architecture 
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SYSTEM DESIGN ISSUES 


The earliest WLAN technology (802.11) operated in the 2.4-GHz unlicensed Industrial, Scientific, and Medical 
(ISM) band and offered data rates up to 2 Mbps. Subsequent extensions to the 802.11b standards provided for 
higher data rates of 5.5 and 11 Mbps, also operating in the 2.4-GHz ISM band. The standards continue to evolve, 
promising a 54-Mbps extensions of the existing 802.11g standard and a 54-Mbps extension of 802.11a operating in 
the 5-GHz unlicensed National Information Infrastructure (NII) band. Each radio band contains several channels 
with unique center frequencies. The ISM frequency band (2.4—2.5 GHz) provides fourteen unique channels, and 
the NII frequency band offers twelve unique channels across lower, middle, and upper sub-bands. 


Typically, an access point is configured to support a single radio (a single channel of a single band) with a single 
baseband processing subsystem. This radio channel is shared among several mobile users using the carrier sense 
multiple access with collision avoidance (CSMA/CA) protocol. Thus, the maximum raw bandwidth per radio chan- 
nel of wireless traffic toward a wired LAN is 11 Mbps (802.11b) or 54 Mbps (802.11a and 802.119). Multiband 
(multiple radios), multichannel, and mixed-mode (802.11a/b/g) systems are likely to become more popular in the 
future, and will result in higher data rates by multichannel aggregation techniques. 


Some wireless access points can be configured as either a bridge or as a network address translator (NAT). If con- 
figured as a bridge, an access point simply copies traffic back and forth between its wireless and wired interfaces 
regardless of the upper layer protocols such as IP, IPX, or AppleTalk. However, if the access point is configured as 
a NAT device, it must offer layer 3 (IP) address translation service along with Dynamic Host Configuration Protocol 
(DHCP) services. 


Thus, emerging wireless access point designs will not only require support for higher throughput but also flexibility 
to accommodate changing protocol processing requirements. The AMCC PowerPC 405EP 32-bit RISC processor 
can provide a flexible, fast time-to-market hardware solution to satisfy the demands of high-performance embed- 
ded applications. 
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IMPLEMENTATION 


Figure 3 shows a typical wireless access point configuration. Radio waves are the most widely used medium for 
connecting mobile devices and access points without line of sight because they propagate through walls and other 
obstructions with little attenuation. 


Figure 3. Wireless Access Point System Architecture 
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The 802.11 standard defines a physical layer encompassing four technologies: 
¢ Direct Sequence Spread Spectrum (DSSS) 
e Frequency Hopping Spread Spectrum (FHSS) 
e Infrared (IR) 
¢ Orthogonal Frequency Division Multiplexing (OFDM) 


DSSS is the most widely deployed technology in the 2.4-GHz band (802.11b). OFDM has been accepted for 
802.11a and 802.11g in the 5-GHz and 2.4-GHz bands, respectively. OFDM PHY enables demodulation with zero 
intermediate frequency, and is used at higher data rates for transmission of multimedia content. DSSS combines a 
data signal at the sending station with a higher data rate bit sequence to increase the signal's resistance to interfer- 
ence and offers the potential of higher data rates. 


Several vendors offer 802.11 chipsets encompassing the radio, PHY (also known as baseband processor (BBP)), 
and wireless MAC functions to help build the WLAN end of an access point. These chipsets commonly offer a 
choice of several system level interfaces such as PCI, CardBus, and USB. Figure 4 shows a single-band, single- 
channel, 802.11b access point design using the Intersil® PRISM® 2.5 chipset and the AMCC PowerPC 405EP 
embedded processor. 


Figure 4. Single-Mode, Single-Band, Single-Channel 802.11b Access Point 
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The PowerPC 405EP is a highly integrated control and network processor with an embedded PCI bus arbiter. It 
offers a rich set of I/O interfaces, including: 
¢ A 32-bit asynchronous PCI bus 
- 33 or 66 MHZ at 3.3 V 
- 33 MHz at5 V 
¢ Dual 10/100 full-duplex Ethernet ports with media-independent interfaces (MII) 
¢ Two Serial ports (16750-compatible UART) 
Operating at 266 MHz, the PowerPC 405EP offers processing performance in excess of 400 DMIPs. It can support 


data rates of 54 Mbps for access points based on 802.11a and 802.11g and still have processing capacity to handle 
value-add functions such as MAC-based filtering and traffic prioritization for quality of service (QOS). 


The access point’s main purpose is to be a transparent bridge between a wireless LAN and a wired LAN. The 
405EP offers the control and network processing function. 


The operating system kernel uses device drivers to interact with external interfaces. The system-side logic compo- 
nent, BBP+WMAC, is a slave device on the PCI bus and is controlled via a wireless device driver in the operating 
system running in the 405EP. Another device driver is needed to manage external Ethernet interfaces on the pro- 
cessor. In the most common configuration, frames are routed as follows: 


1. The wireless device driver receives 802.2 Subnetwork Access Protocol (SNAP) encapsulated Ethernet 
frames from the PCI interface and passes them to the bridging software in the kernel. 


2. The bridging software performs the appropriate bridging functions (such as flood, discard, and forward). 


3. The bridging software enqueues the frame to the transmit queue of an Ethernet interface with the help of the 
Ethernet device driver. 


When an access point is configured as a gateway, the 405EP performs the following functions: 


¢ Routing 
° NAT 
* DHCP 


e Access control 

¢ Firewall functions 

« Remote management using Simple Network Management Protocol (SNMP), Web, and other protocols 
¢ Configuration and management of the wireless MACs 


The two on-chip 10/100 MACs can be used to extend the WLAN connectivity or they can be used in a two-port 
switch for a SOHO environment with switching function implemented in software on the processor. To connect to a 
wired Ethernet LAN, an external PHY device is required. 


To support a larger number of users, such as in an enterprise environment, or to sustain higher bandwidth applica- 
tions, such as streaming video, a higher capacity access point can be developed using 802.11g technology. Figure 
5 shows a dual-mode, single-band, single-channel 802.11b and 802.11g access point using a single 405EP and 
the Intersil PRISM GT%o chipset. The system is backward-compatible with 802.11b clients and supports both Com- 
plementary Code Keying (CCK) and OFDM modulation schemes. 
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Figure 5. Dual-Mode, Single-Band, Single-Channel 802.11b/g Access Point 
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Alternatively, a multi-mode access point offers universal support for practically any type of mobile client. Figure 6 
illustrates a multi-mode access point using the Intersil PRISM Duette™ chipset that rivals the capacity of the system 
shown in Figure 5. This configuration supports 802.11a, 802.11b, and 802.11g modes, and it supports dual bands 
(2.4 GHz and 5 GHz). The system requires fewer radio chips due to direct conversion of radio frequency to base 
band frequency by the Zero Intermediate Frequency (ZIF) converter. Such a system offers roaming flexibility for 
mobile stations. 


Figure 6. Multi-Mode, Dual-Band, Single-Channel 802.11a/b/g Access Point 
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NETWORK SECURITY 


With the growth of electronic commerce, user privacy, information protection, and access control have become 
integral parts of network infrastructure and end computer systems. Authentication and encryption are two important 
aspects of network security. 


Most encryption algorithms are symmetric and commutative. Symmetric ciphering operates on input either in 
blocks or as a stream. Block ciphers such as the Data Encryption Standard (DES) and triple DES (3DES) operate 
on data one block at a time. Streaming ciphers such as RC4 operate on data one bit or one byte at a time. 


The access point is a critical link between the wireless LAN and the wired LAN. Wired Equivalent Privacy (WEP) is 
a layer 2 protocol that uses the RC4 streaming cipher and provides over-the-air security. 


Most ciphering algorithms can be implemented in software at low data rates such as 1—2 Mbps. However, at data 
rates of 10 Mbps and above, hardware accelerators become necessary. The wireless MAC provides WEP function- 
ality with the help of a combination of hardware and software. 
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The WEP protocol continues to be enhanced in the IEEE 802.111 Task Group to provide robustness and compre- 
hensive authentication. In addition, layer 2 access control and security can be augmented by a layer 3 security 
function using the IPsec protocol and 405EP-based access control. 


In this regard, the PCI bus offers the advantage of system expendability by enabling Internet Protocol Security 
(IPsec) coprocessors to be connected to the PCI bus to support layer 3 security functions. The memory devices 
attached to the IPSec processor contain the Security Policy Database (SPD) and Security Association Database 
(SAD). The SAD entries contain the secret keys for ciphering and deciphering the packets. The keys are 
exchanged and managed using the Internet Key Exchange (IKE) protocol implemented either in the software run- 
ning in the 405EP processor or the firmware running in the IPSec coprocessor. For higher performance, IKE can be 
implemented in a hardware coprocessor attached to the PCI bus. 


Figure 7 shows a system configuration for a residential gateway with an external IPSec coprocessor. The virtual 
private network (VPN) application can be implemented in the 405EP processor along with software-based switch- 
ing between the two Ethernet ports. 


Figure 7. Residential Gateway Solution Using External IPSec Coprocessor 
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The PowerPC 405EP processor offers enough processing headroom to easily implement host-based prioritization 
by a look-up in a QoS policy table. This is important due to emerging QoS standards being discussed in the IEEE 
802.11e Task Group. 
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DEVELOPMENT TOOLS, SOFTWARE, AND ENABLEMENT 


To enable evaluation and rapid prototyping of products, AMCC offers an evaluation platform, schematics, and soft- 
ware tools for the PowerPC 405EP. In addition, a wide range of third-party products is available to support 
PowerPC embedded processors. 
Figure 8 shows the evaluation platform for the PowerPC 405EP. 
The platform includes the following: 
¢ Arich variety of I/O interfaces: 
- Two serial-port connectors to support boot configuration and system management. 


- Four full-size PCI connectors that enable attachment of external subsystems such as a WLAN adapter 
and an IPsec security coprocessor. 


- Two 10/100 Ethernet connectors for connecting with enterprise network and WAN via a broadband 
modem. 


¢« Anon-board SDRAM DIMM connector that supports up to a 256-MB memory module that can accommo- 
date an embedded application image with a range of functions, including: 


- Bridging 

- Routing 

- Security (IPSec) 

- Firewall 

- Access control 

- Quality of service 

- Web-based management 


¢ ARISCWatch JTAG debugger connector and a logic analyzer connector for debugging the embedded 
application software. 


Figure 8. PowerPC 405EP Evaluation Platform 
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To help accelerate time-to-market, reference schematics for the WLAN adapter, PowerPC 405EP evaluation plat- 
form, and the security coprocessor boards are available as traditional documents as well as in design database 
form for the Cadence Concept and Allegro design tools. The database format is helpful in creating a customized 
single-board design schematic by concatenating subsystems to fit in a particular circuit board form factor. The 
board layout guidelines can help designers achieve optimal signal propagation and EMI characteristics on their cir- 
cuit boards. The device drivers and firmware associated with the WLAN adapter and security coprocessors are 
provided to speed up the integration and realization of the target product. 


The PowerPC family of embedded processors enjoys a broad range of third-party support for hardware and soft- 
ware including real-time operating systems by Wind River and MontaVista; compilers and debuggers by 
MetaWare, Green Hills, and GNU; protocol stacks and application software by Wind River; and evaluation kits and 
JTAG hardware debuggers by Agilent. A complete list of AMCC and third-party enablement offerings can be found 
at amcc.com. 


For information on PowerPC products, visit amcc.com. 


RELATED DOCUMENTS 
e¢ IEEE 802.11, 1999 Edition, Part 11: “Wireless LAN Medium Access Control (MAC) and Physical Layer 
(PHY) Specifications.” 
e¢ IEEE 802.11a-1999, Part 11: “Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) 
Specifications: Higher-Speed Physical Layer Extension in the 5 GHz Band.” 


e IEEE 802.11b-1999, Part 11: “Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) 
Specifications: Higher-Speed Physical Layer Extension in the 2.4 GHz Band.” 


¢ PowerPC 405EP Embedded Processor User's Manual, SA14-2696-00, October 2002. 
¢ PowerPC 405EP Evaluation Board Manual, SA14-2686-02, October 2002. 


Note: Datasheets and other documentation for the Intersil PRISM products discussed in this application note can 
be found at www.intersil.com. 
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Phone: (858) 450-9333 — (800) 755-2622 — Fax: (858) 450-9885 
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AMCC reserves the right to make changes to its products, its datasheets, or related documentation, without notice and war- 
rants its products solely pursuant to its terms and conditions of sale, only to substantially comply with the latest available 
datasheet. Please consult AMCC’s Term and Conditions of Sale for its warranties and other terms, conditions and limitations. 
AMCC may discontinue any semiconductor product or service without notice, and advises its customers to obtain the latest 
version of relevant information to verify, before placing orders, that the information is current. AMCC does not assume any lia- 
bility arising out of the application or use of any product or circuit described herein, neither does it convey any license under 
its patent rights nor the rights of others. AMCC reserves the right to ship devices of higher grade in place of those of lower 
grade. 


AMCC SEMICONDUCTOR PRODUCTS ARE NOT DESIGNED, INTENDED, AUTHORIZED, OR WARRANTED TO BE 
SUITABLE FOR USE IN LIFE-SUPPORT APPLICATIONS, DEVICES OR SYSTEMS OR OTHER CRITICAL 
APPLICATIONS. 


AMCC is a registered Trademark of Applied Micro Circuits Corporation. Copyright © 2004 Applied Micro Circuits Corporation. 
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